need some help with creating a ruleset [RESOLVED]

hi guys,

I’m interested in creating a ruleset for Shareaza to restrict port 6346 on my PC for allowing data to go through that port and vice versa to allow it to go out only from that port.

if i create an allow tcp/udp in rule would my PC be the destination for the port?
and if i create a separate tcp/udp out allow rule would the source be my PC for source port and the destination be any ip? in shareaza the port i’ve set in it is port 6346,

I’m just very confused on how to make such a rule whereby all data and connections passes through only port 6346 on my PC for the app Shareaza while I am still able to connect to any port ranges of any hub and networks via shareaza and any policies i’ve tried creating before for shareaza haven’t worked out well. i think especially any one rule such as tcp/udp in/out , which only ends up blocking a lot of p2p connections and hubs that i can connect to

thanks

[Topic Closed: If issue returns PM an online mod to open]

Try this:

rule in Global Rules (is needed only if you have Block all IP In… entry)

Action - Allow
Protocol - TCP or UDP
Direction - In
Source Address - Any
Destination Address - Any
Source Port - Any
Destination Port - 6346


ruleset in Application Rules for Shareaza

Action - Allow
Protocol - TCP or UDP
Direction - Out
Source Address - Any
Destination Address - Any
Source Port - 6346
Destination Port - Any

  1. Block and log all unmatching requests

Those rules look good, but I would think that they could both be written in the Application Rule. That is, if there is no rule blocking TCP/UDP (or IP) in the Global Rules section. It is a bit better to restrict the port to the application for both directions if it is possible. The default Global rules do not block those connections, so maybe it is tidier to keep both rules connected to the application. Otherwise, a description should be added to the Global Rule so that you know it is for Shareaza when you look at the rules in 8 months from now.

Try this ruleset in Application Rules for Shareaza without any special Allow… rule for it in Global Rules if there is no Block all IP… or Block all TCP/UDP… entry in this section:

Action - Allow
Protocol - TCP or UDP
Direction - Out
Source Address - Any
Destination Address - Any
Source Port - 6346
Destination Port - Any

Action - Allow
Protocol - TCP or UDP
Direction - In
Source Address - Any
Destination Address - Any
Source Port - Any
Destination Port - 6346

  1. Block and log all unmatching requests

thanks guys

I will give the rules a go and see if they work the way I want it to work for me.

I should have said, I have upnp enabled in winxp and my router, the reason I had turned it on was because Shareaza wouldn’t work with any rules i would make for it to only use port 6346 on my machine but able to connect to any remote IP that uses any ports besides 6346, also on ed2k i was getting lowID it killed being able to make any use out of shareaza :frowning: also another app I have is DC++ that wouldn’t work at all in any mode but passive mode which limited me to only 5 search results :-. and neither p2p apps use a remote IP so I didn’t do any manual port forwarding because without any IP to enter in my router for it, it would have meant i would be opening ports permanently to the internet and not just for them select apps

I only have one global rule and that is the block & Log IP In From IP Any To IP Any Where ICMP Message is ECHO REQUEST

I do want to keep upnp enabled in winxp and my router since i’ve found its useful and saves me less headaches, but i definitely would like to restrict apps like shareaza within CFP 3 to use only one port on my PC to any remote port. i guess i will have to at least disable upnp in shareaza for hopefully them rules you both kindly suggested to work?

anyway thanks and i will try them out sometime soon and am hoping they work for me. my lack of experience and knowledge in firewall policy rules is probably part of the problem why i was never able to succeed in making any rules I’ve tried making for shareaza and dc++ work

have a Happy New Year guys

Hi,

I just tried that rule for the app, I tried it with upnp enabled in the p2p app and without upnp enabled in the app, but i get the same results both times. on ed2k network via shareaza i get LowID and the only gnutella 2 networks it will connect to are any with port 6346 the gnutella 1 networks ain’t so bad, but the two main networks don’t work well with the ruleset in place :-\

thanks guys and i appreciate the time you took to try and help me out :slight_smile:

With firewall disabled do you get HighID?

Try to configure port 6346 to be used only for outbound connections from Shareaza itself. If this is impossible to do, then Shareaza is designed to work using many ports for outgoing connections and there is no sense to configure CFP to allow port 6346 only (as it will lead to Shareaza not functioning properly).

Hi goodbrazer,

I’ve not tried it with the firewall disabled, I have tried it a while back with the router disconnected though, would seem my router prevents shareaza from making connections.

i’ve found a site so you can see what the settings for shareaza look like. thats the main page → http://shareaza.sourceforge.net/wiki/ShareazaSettingsDialog

and this page is what the settings box for shareaza looks like apart from the default port is 6346, so that may be an old Shareaza Settings Dialog site → Options.Connection - Shareaza Wiki

from the look of it, restricting a port leads to it not functioning correctly since it looks like there is no outbound port rule in the connection settings for the app.

Thanks for kinda explaining it to me, at least it helps me to make sense of the situation and why making any rules haven’t worked with shareaza for me

what does work for me with CFP 3 and my router though is having upnp enabled. i get no problems with shareaza fully functioning unless i create any rule in the firewall to restrict what ports are used on my PC and input port 6346 as the source and destination route, if i do that i then get the LowID which means i can’t connect directly to any user and have to rely on a hub’s server for ed2k and the other network hubs i only get connected to any that are using port 6346 unless its an emule hub then it might connect me to one other than that port, and in general, i get far less search results when using search and end up in massive queues or not finding much users with files i’m downloading. only with upnp enabled do i not have that problem or if i was to disconnect my router :-\ if you think shareaza is bad you should see what hell i get with dc++ it doesn’t allow me to use active firewall mode or any other alternative just passive firewall mode. which means i cannot connect or download from nearly anyone but they can download from me :-[ and it limits me to 5 searches although i get no search results. again only when i enabled upnp in my router and XP and the app, was that app too able to fully function for me, same way it used to before i ever bought a router. i bought my router for protection though and its not something i would want to be without now.

thank you for all your help :slight_smile: I’m relieved at least to know exactly why something won’t quite work instead of whacking my brain out trying to figure out why exactly it won’t and trying to figure a way around it

You are welcome, Ron_75 :slight_smile:

BTW how to disable/enable upnp in XP itself?
Thanks.

if you’ve not enabled the 2nd bit of upnp which is Residential Gateway in “My Network Places” if you have then you would need to remove that first from windows add/remove components option in add/remove ( UPnP-Enabled Routers: Ready for Prime Time? - THG.RU you can find out about that if you scroll down to But Wait… There’s More! ) then you can simply disable these two services for upnp in control panel/Administrative tools/Services SSDP Discovery Service and Universal Plug and Play Device Host you set them to disable, if they are on automatic then they are enabled

regards

Ron

oops, thats if you want to remove upnp in winxp ^ if you just want to simply disable or enable it then them two services you just change to disable or automatic to enable :wink:

Thanks, Ron_75.
Much appreciated! :slight_smile:

Happy New Year.

I looked at the links you provided and I think that the problem is the Out rule. You do not need to restrict it to port 6346. Change that to All and try it. It should be safe enough unless there is a way to hijack Shareaza.
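An added illustration of the two Out-rule variants discussed in this thread (not code from any poster and not Comodo's rule engine): a simplified first-match model showing why pinning the outbound Source Port to 6346 blocks ordinary outgoing connections, while the inbound rule still limits what can reach the PC. It assumes outgoing TCP sockets get an OS-assigned ephemeral source port; the class names, sample ports (other than 6346) and traffic are constructed.

```python
from dataclasses import dataclass

ANY = None  # wildcard, like "Any" in the rule dialog

@dataclass(frozen=True)
class Rule:
    action: str             # "allow" or "block"
    direction: object       # "in", "out" or ANY
    src_port: object = ANY
    dst_port: object = ANY

@dataclass(frozen=True)
class Packet:
    direction: str
    src_port: int
    dst_port: int

def _match(want, got):
    return want is ANY or want == got

def decide(rules, pkt):
    """First matching rule wins; an empty match falls through to block."""
    for r in rules:
        if (_match(r.direction, pkt.direction)
                and _match(r.src_port, pkt.src_port)
                and _match(r.dst_port, pkt.dst_port)):
            return r.action
    return "block"

BLOCK_REST = Rule("block", ANY)  # "Block and log all unmatching requests"

# Ruleset as first suggested: Out restricted to Source Port 6346.
STRICT = [Rule("allow", "out", src_port=6346),
          Rule("allow", "in", dst_port=6346), BLOCK_REST]
# Ruleset after the later advice: Out with Source Port Any.
RELAXED = [Rule("allow", "out"),
           Rule("allow", "in", dst_port=6346), BLOCK_REST]

# Constructed sample traffic (ports other than 6346 are made up).
SAMPLES = {
    "peer connects in to listener": Packet("in", 51000, 6346),
    "connect out from ephemeral port": Packet("out", 49731, 4661),
    "send out from listening socket": Packet("out", 6346, 4672),
    "unsolicited inbound to other port": Packet("in", 40000, 445),
}

def evaluate(rules):
    return {name: decide(rules, p) for name, p in SAMPLES.items()}
```

Under both rulesets the unsolicited inbound packet is blocked; only the strict Out rule also blocks the application's own outgoing connection.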

thanks Anotherone and goodblazer,

I think I’ll probably just leave the policy with the default Any the firewall set up for Shareaza.
I think i should be fine, there is a remote setting in shareaza, its something i’ve not enabled, so i think i’m safe enough from anyone trying to remotely hijack it and do something.

thanks for all the suggestions though
and hope you all had a good new year